Threat Actor: DeathNote Hackers | DeathNote Hackers
Victim: Metro Pacific Tollways Corporation (MPTC) | Metro Pacific Tollways Corporation
Price: Not specified
Exfiltrated Data Type: Personal and transactional data, internal documents
Key Points :
- Nearly 1 million Easytrip records compromised, affecting 972,848 records.
- Leaked data includes sensitive information such as reloaded balances, pre-loaded accounts, and user transaction logs.
- Card Number Inventory released, containing 247,324 Easytrip card numbers, raising concerns about financial fraud.
- Internal MPTC documents leaked, including employee contact details and logs from their systems.
- Potential consequences include financial fraud, phishing risks, reputational damage, and regulatory scrutiny.
Manila, Philippines – A massive cyberattack, Metro Pacific Tollways Corporation (MPTC), operators of the Easytrip system, have fallen victim to a significant data breach, compromising nearly one million customer records. Sensitive personal and transactional data has been exposed to the public following the attack.
According to the post by DeathNote Hackers, the breach has affected 972,848 Easytrip records, including data linked to toll reloading, pre-loading, and adjustments made through MPTC’s systems. The following key data has been leaked:
Reloaded Records: 40,257 records detailing reloaded balances on customer toll cards.
Pre-loaded Records: 16,703 records showing pre-loaded toll accounts.
Reload Reports: 83,916 logs of user transactions.
Insertion Reports: 15,424 records of toll card insertions.
Adjustment Records: 258,800 adjustments to customer accounts.
Invalid Adjustment Records: 69,196 adjustments flagged as invalid.
API Adjustment Logs: 488,552 logs of changes made to customer accounts via the API.
In addition to these records, a Card Number Inventory containing 247,324 Easytrip card numbers has been released. This list includes both active and inactive cards, raising concerns over potential financial fraud and misuse of the compromised card details.
The breach has not only affected customer information but also leaked critical internal MPTC documents. This includes:
MPTC Employee Telephone Directory: Personal contact details of approximately 3,000 employees or contractors.
OutSystems Logs: Internal logs from MPTC’s platform that could provide insights into how the breach occurred.
Card Generation Details: Information regarding the generation of Easytrip card numbers by an internal “Superadmin” user.
Screenshots of internal documents and logs have surfaced, revealing how deeply MPTC’s systems were penetrated. One such screenshot shows detailed logs of the Card Number Inventory, listing the time, date, and administrator responsible for generating card batches, further proving the breach’s authenticity.
The leaked data poses severe risks for both MPTC and its customers. Potential consequences include:
Financial Fraud: The exposure of card numbers and transaction records could result in unauthorized toll charges, balance theft, and other fraudulent activities.
Phishing and Social Engineering: With customer and employee contact details leaked, both groups are at risk of receiving targeted phishing emails or being victims of social engineering attacks.
Reputational Damage: MPTC faces significant backlash for failing to secure its systems, potentially eroding public trust in their toll collection services.
Regulatory Action: Given the scale of the breach, MPTC could face regulatory scrutiny and potential penalties from data protection agencies in the Philippines.